Windows Creators Update to improve Defender’s detection and response

Microsoft is continuing to update its Windows Defender platform and will issue a big overhaul to some of its functions in the upcoming Creators Update. Specifically, it will improve the ways in which the anti-malware software detects, investigates and responds to a range of threats from different actors.

Along with Windows Firewall, Windows Defender is seen by many as the baseline of defense for a Windows-based PC. It can go hand in hand with third-party antivirus and anti-malware products, but Windows Defender is the first and last step in protecting many millions of systems the world over. So, keeping it updated and capable of tackling the latest threats is rather important.

In the Creators Update, Microsoft will improve Windows Defender's ability to detect memory and kernel intrusions, where attackers could typically hide from traditional detection methods. Microsoft claims to have already leveraged this ability to prevent new zero-day attacks on Windows and has used machine learning to counter the changing trends in attack vectors.

Customers can even add in their own indications of intrusion to augment the detection dictionary.

Opening up the anti-malware process to consumers is a major part of the changes Microsoft is making in the Creators Update. When it comes to threat investigation, Microsoft has added a “single pane of glass across the entire Windows security stack.” In essence, everyone will be able to see what Windows Defender is doing: what it’s blocking, what it’s quarantining and what it’s keeping an eye on.

All of that will be available within a single view to make it easier for security teams to analyse potential and historic threats to the system. This should enable a deeper understanding of the types of attacks coming in, which makes it easier for security professionals and end users to prevent further attacks in the future.

IT managers will be able to look at up to six months of logs for an entire organization’s cloud-connected systems, to provide historic context for any studied attacks.

To give those same security professionals additional power to combat ongoing attacks, Windows Defender’s updated response system will provide manual controls for isolating machines, banning certain files from the network, and killing and quarantining certain processes or files.

All of that and more will be added as part of the upcoming Creators Update. If you’d like to try it out now, you can start a free trial with the Advanced Threat Protection system today.

Jon Martindale